Outsourcing of IT is an efficient and common way to reduce costs for IT services and infrastructure. However, it requires management of risks and responsibilities with regards to follow-up on the supplier´s information security and data protection.
These risks can and should be mitigated through agreements but also through risk analysis and follow-up on the supplier’s performance and compliance with agreed upon requirements and service levels.
It can be demanding to structure a methodology and an organization for efficient follow-up on the supplier’s performance with internal resources. With the help of an external partner for third party audits, the result is based on a higher level of independence, performed by a specialist in the field and gives a higher degree of flexibility with regards to personnel planning. The specialist has a tool-box tailored for third party audits and experience in how demands on the outsourcing supplier should be articulated and implemented.
Transcendent Group´s team of experienced IT auditors has extensive experience from designing and performing third party audits on IT service organizations to verify compliance with agreed terms and expected best practice procedures.